

CLAIMS 



What is claimed is: 



A method for providing shared secret keys for communicating through a secure 
channel between members of a dynamically changing multicast group connected over 
an insecure network, the method comprising the computer-implemented steps of: 
^computing a first shared secret key for establishing a first multicast group that 

includes a set of one or more first members; 
generating a first multicast group exchange key based on the first shared secret key; 
receiving, a first user exchange key from a first user requesting entry into the first 
multicast group; 

computing a second secret key based on the first user exchange key and the first 
shared secteet key; 

sending the first multicast group exchange key to the first user, wherein the first 
multicast group exchange key allows the first user to generate the second 
shared secret key; 

establishing a second multicasKgroup whose members include the first user and the 
set of one or more first members of the first multicast group, wherein the 
second shared secret key provides a first secure channel for communicating 
between members of the second n^ulticast group over the insecure network. 

The method as recited in Claim 1, wherein tlie^step of computing a first shared secret 
key includes the steps of: 
selecting a private non-zero random integer "x"; 
selecting a public non-zero integer "g"; 
selecting a public prime integer "n"; and 

computing the first shared secret key "k" according to the region 
k = (g x mod(n)). 
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1^3. The method as recited in Claim 2, wherein the step of generating a first multicast 

2 group exchange key includes the step computing the first multicast group exchange 

3 \ key K' according to the relation 

4 \ K' = (g k mod(n)). 

1 4. The method as recited in Claim 2, wherein 

2 the step (rf receiving a first user exchange key includes the step of receiving a first 

3 uservexchange key value Y' computed according to the relation 

4 Y' = (k mod (n)), 

5 wherein 'V' is a private non-zero random integer selected by the first user; and 

6 the step of computing a second secret key includes the step computing the second 

7 secret key "k 1 'Recording to the relation 

8 kl =(Y' k mod(n)K 

1 5. The method as recited in Claitfk2, wherein the step of sending the first multicast 

2 group exchange key to the first user further comprises the first user computing the 

3 second secret key "k 1 " according tcrthe relation 

4 kl =(K' y mod(n)). \ 

1 6. The method as recited in Claim 1 , whereink 

2 the step of receiving a first user exchange key^from a first user comprises the step of 

3 verifying that the first user should be alloWed entry into the first multicast 

4 group; and \ 

5 providing the first user with the first multicast exchange key only after the first user is 

6 verified for entry into the first multicast group. \ 

1 7. The method as recited in Claim 1 , further comprising the stepk of: 

2 generating a second multicast group exchange key based on the second shared secret 

3 key; \ 

4 receiving a second user exchange key from a second user requesting ekry into the 

5 second multicast group; \ 
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6 \ computing a third secret key based on the second user exchange key and the second 

7 \ shared secret key; 

8 sending the second multicast group exchange key to the second user, wherein the 

9 \ second multicast group exchange key allows the second user to generate the 

10 third shared secret key; and 

1 1 establishing a third multicast group whose members include the second user and the 
(^12 members of the second multicast group, wherein the third shared secret key 

1 3 provides^ second secure channel for communicating between members of the 

14 third multicW group over the insecure network. 

1 8. The method as recited in^Claim 2, further comprising the steps of: 

2 determining that a first deputing member has left the second multicast group; 

3 selecting a private multicast gtoup non-zero random integer; 

4 generating a second multicast group exchange key based on the private multicast 

5 group non-zero random integer, the public non-zero integer "g" and the public 

6 prime integer "n"; \ 

7 broadcasting the second multicast group exchange key to each remaining member of 

8 the second multicast group; \ 

9 in response to receiving the second multicast gK>up exchange key, each remaining 

10 member computing a third secret key based on the second multicast group 

1 1 exchange key and the second shared secret k^y; and 

1 2 establishing a third multicast group whose members include only remaining members 

13 of the second multicast group, wherein the third shared secret key provides a 

14 second secure channel for communicating between rkembers of the third 

1 5 multicast group over the insecure network. \ 

1 9. The method as recited in Claim 1 , wherein the step of establishing V second multicast 

2 group requires a total of approximately N+l messages for providing the first secure 

3 channel for communicating between members of the second multicast grbup over the 

4 insecure network. \ 
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1 10K A computer-readable medium carrying one or more sequences of one or more 

2 \ instructions for communicating through a secure channel between members of a 

3 oynamically changing multicast group connected over an insecure network, and which 

4 instructions, when executed by one or more processors, cause the one or more 

5 processors to perform the steps of: 

6 computing a first shared secret key for establishing a first multicast group that 

7 includes a set of one or more first members; 

8 generating a fi*st multicast group exchange key based on the first shared secret key; 

9 receiving a first user exchange key from a first user requesting entry into the first 

10 multicast group; 

1 1 computing a second secret key based on the first user exchange key and the first 

12 shared secret key: 

13 sending the first multicasrgroup exchange key to the first user, wherein the first 

14 multicast group exchange key allows the first user to generate the second 

1 5 shared secret key; and \ 

1 6 establishing a second multicast group whose members include the first user and the 

1 7 set of one or more first members of the first multicast group, wherein the 

1 8 second shared secret key provides a first secure channel for communicating 

19 between members of the seconcl multicast group over the insecure network. 

1 11. The computer-readable medium as recited\n Claim 10, wherein the step of computing 

2 a first shared secret key includes the steps of\ 

3 selecting a private non-zero random integer "x\ 

4 selecting a public non-zero integer "g"; \ 

5 selecting a public prime integer "n"; and \ 

6 computing the first shared secret key "k" according to the relation 

7 k - (g x mod (n)). \ 
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1 12v The computer-readable medium as recited in Claim 1 1 , wherein the step of generating 

2 \a first multicast group exchange key includes the step computing the first multicast 

3 grfcup exchange key K' according to the relation 

4 \K' = (g k mod (n)). 

1 13. The computer-readable medium as recited in Claim 1 1 , wherein 

2 the step of receiving a first user exchange key includes the step of receiving a first 

3 user exchange key value Y' computed according to the relation 

4 Y' = (g*mo<^n)), 

5 wherein "y" is asprivate non-zero random integer selected by the first user; and 

6 the step of computing a setond secret key includes the step computing the second 

7 secret key "k 1 " according to the relation 

8 kl = (Y' k mod (n)). \ 

1 1 4. The computer-readable medium as\ecited in Claim 1 1 , wherein the step of sending 

2 the first multicast group exchange keysto the first user further comprises the first user 

3 computing the second secret key "kl" according to the relation 

4 kl=(K' y mod(n)). \ 

1 15. The computer-readable medium as recited in Claim 1 0, wherein: 

2 the step of receiving a first user exchange key frorn a first user comprises the step of 

3 verifying that the first user should be allowed entry into the first multicast 

4 group; and \ 

5 providing the first user with the first multicast exchangetey only after the first user is 

6 verified for entry into the first multicast group. \ 

1 1 6. The computer-readable medium as recited in Claim 1 0, further comprising 

2 instructions for performing the steps of: \ 

3 generating a second multicast group exchange key based on the second shared secret 

4 key; \ 

5 receiving a second user exchange key from a second user requesting en\ry into the 

6 second multicast group; \ 
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7 \ computing a third secret key based on the second user exchange key and the second 

8 \ shared secret key; 

9 sefKhng the second multicast group exchange key to the second user, wherein the 

10 \second multicast group exchange key allows the second user to generate the 

1 1 third shared secret key; and 

12 establishing^ third multicast group whose members include the second user and the 

1 3 members of the second multicast group, wherein the third shared secret key 

14 provides a second secure channel for communicating between members of the 
*1 5 third multicast group over the insecure network. 

1 17. The computer-readable medium as recited in Claim 1 1 , further comprising 

2 instructions for performing Nhe steps of: 

3 determining that a first departing member has left the second multicast group; 

4 selecting a private multicast group non-zero random integer; 

5 generating a second multicast grouk exchange key based on the private multicast 

6 group non-zero random integer the public non-zero integer "g" and the public 

7 prime integer "n"; \ 

8 broadcasting the second multicast group exchange key to each remaining member of 

9 the second multicast group; \ 

10 in response to receiving the second multicast group exchange key, each remaining 

1 1 member computing a third secret key based on the second multicast group 

12 exchange key and the second shared secret Key; and 

1 3 establishing a third multicast group whose members include only remaining members 

14 of the second multicast group, wherein the third\hared secret key provides a 

1 5 second secure channel for communicating betweeiWembers of the third 

1 6 multicast group over the insecure network. \ 

1 18. The computer-readable medium as recited in Claim 1 0, whereinthe step of 

2 establishing a second multicast group requires a total of approximately N+l messages 

3 for providing the first secure channel for communicating between members of the 

4 second multicast group over the insecure network. \ 
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19. A network device configured for communicating through a secure channel between 
members of a dynamically changing multicast group connected over an insecure 
^network, comprising: 
a\etwork interface; 

a processor coupled to the network interface and receiving information from the 



a computeWeadable medium accessible by the processor and comprising one or more 
sequehces of instructions which, when executed by the processor, cause the 
processoiao carry out the steps of: 

computing asfirst shared secret key for establishing a first multicast group that 

includeka set of one or more first members; 
generating a first Multicast group exchange key based on the first shared secret 
key; \ 

receiving a first user exchange key from a first user requesting entry into the 

first multicast group; 
computing a second secret kky based on the first user exchange key and the 

first shared secret key; \ 
sending the first multicast group exchange key to the first user, wherein the 

first multicast group exchange key allows the first user to generate the 
second shared secret key; and \ 
establishing a second multicast group whose members include the first user 
and the set of one or more first members of the first multicast group, 
wherein the second shared secret key provides a first secure channel 
for communicating between members of tHe second multicast group 
over the insecure network. \ 

20. The network device as recited in Claim 1 9, wherein the step of computing a first 
shared secret key includes the steps of: \ 
selecting a private non-zero random integer "x"; \ 
selecting a public non-zero integer "g"; \ 



:twork interface: 
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selecting a public prime integer "n"; and 

^computing the first shared secret key "k" according to the relation 
k = (g x mod(n)). 

2 1 . The network device as recited in Claim 20, wherein the step of generating a first 
multicast group exchange key includes the step computing the first multicast group 
exchange (rey K' according to the relation 

K' =\c k mod (n)). 

22. The network device as recited in Claim 20, wherein 

the step of receiving a first user exchange key includes the step of receiving a first 
user exchangeNkey value Y' computed according to the relation 
Y'^mod (nV 

wherein "y" is a private non-zero random integer selected by the first user; and 
the step of computing a second secret key includes the step computing the second 
secret key "kl" accoroipg to the relation 
kl =(Y' k mod(n)). 

23. The network device as recited in Claim 20, wherein the step of sending the first 
multicast group exchange key to the first user further comprises the first user 
computing the second secret key "kl" according to the relation 

kl=(K' y mod(n)). 

24. The network device as recited in Claim 19, wherein: 
the step of receiving a first user exchange key from a first user comprises the step of 

verifying that the first user should be allowed entry into the first multicast 
group; and 

providing the first user with the first multicast exchangeNkey only after the first user is 
verified for entry into the first multicast group. 
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1 25. \ The network device as recited in Claim 19 5 further comprising instructions for 

2 performing the steps of: 

3 generating a second multicast group exchange key based on the second shared secret 

4 \ey; 

5 receiving^ second user exchange key from a second user requesting entry into the 

6 second multicast group; 

7 computing a thud secret key based on the second user exchange key and the second 

8 shared secret key; 

9 sending the second nudticast group exchange key to the second user, wherein the 

10 second multicasogroup exchange key allows the second user to generate the 

1 1 third shared secret Key; and 

12 establishing a third multicast group whose members include the second user and the 

13 members of the second multicast group, wherein the third shared secret key 

14 provides a second secure channel for communicating between members of the 

1 5 third multicast group over the insecure network. 

1 26. The network device as recited in Claim 20/^irther comprising instructions for 

2 performing the steps of: \ 

3 determining that a first departing member has left the second multicast group; 

4 selecting a private multicast group non-zero randomdnteger; 

5 generating a second multicast group exchange key basbd on the private multicast 

6 group non-zero random integer, the public non-zefco integer "g" and the public 

7 prime integer "n"; \ 

8 broadcasting the second multicast group exchange key to each remaining member of 

9 the second multicast group; \ 

1 0 in response to receiving the second multicast group exchange key, eafch remaining 

1 1 member computing a third secret key based on the second multicast group 

12 exchange key and the second shared secret key; and \ 

13 establishing a third multicast group whose members include only remaining members 

14 of the second multicast group, wherein the third shared secret key provides a 
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second secure channel for communicating between members of the third 
multicast group over the insecure network. 

27. The network device as recited in Claim 1 9, wherein the step of establishing a second 
multicast group requires a total of approximately N+l messages for providing the first 
secure\channel for communicating between members of the second multicast group 
over theSnsecure network. 

28. A network deyice configured for communicating through a secure channel between 
members of a dyhamically changing multicast group connected over an insecure 
network, comprising: 

means for computing aSfirst shared secret key for establishing a first multicast group 

that includes a set\f one or more first members; 
means for generating a first multicast group exchange key based on the first shared 

secret key; \ 
means for receiving a first user exctoinge key from a first user requesting entry into 

the first multicast group; \ 
means for computing a second secret key^ased on the first user exchange key and the 

first shared secret key; \ 
means for sending the first multicast group exclrange key to the first user, wherein the 

first multicast group exchange key allows the first user to generate the second 

shared secret key; and \ 
means for establishing a second multicast group whose inembers include the first user 

and the set of one or more first members of the first multicast group, wherein 

the second shared secret key provides a first secure channel for 

communicating between members of the second multicast group over the 

insecure network. \ 
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A method for generating a shared secret key for use by a first member, a second 
iember, and a third member who joins the first member and the second member for 
secute communication as a multicast group over an insecure network, the method 
comprising the computer-implemented steps of: 

generatinga first multicast group exchange key K' based on a first shared secret key 
"k" fturt is used by a first multicast group that includes the first member and 
the second member, wherein k = (g x mod (n)) 5 "x" is a private non-zero 
random integer, "g" is a public non-zero integer, and "n" is a pre-determined 
public primesinteger, and wherein K' = (g k mod (n)); 

receiving a first user exchange key from the third member as part of a request by the 
third member to efater the first multicast group; 

sending the first multicast gtoup exchange key to the first member, wherein the first 
multicast group exchange key allows the first member to generate a second 
secret key based on the first user exchange key and the first shared secret key; 
and 

establishing secure communication irka second multicast group whose members 

include the first member, the se\ond member and the third member, and based 
on the second shared secret key. 



1 30. The method as recited in Claim 29, wherein 

2 the step of receiving a first user exchange key Includes the step of receiving a first 

3 user exchange key value Y* computed according to the relation 

4 Y' = (g y mod (n)) 3 wherein "y" is a private t^on-zero random integer selected 

5 by the first member; and 

6 the step of computing a second secret key includes the\tep computing the second 

7 secret key "kl " according to the relation kl = (Y'Vnod (n)). 

1 31. The method as recited in Claim 29, wherein the step of sending the first multicast 

2 group exchange key to the first member further comprises the fnrst member computing 

3 the second secret key "kl" according to the relation kl = (K' y mod (n)). 
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1 32\ The method as recited in Claim 29, wherein the step of receiving a first user exchange 

2 \ key from a first member comprises the step of providing the first user with the first 

3 multicast exchange key only after verifying that the first user is allowed to enter the 

4 firstWilticast group. 

1 33. The method as recited in Claim 29, further comprising the steps of: 

2 detenniningOhat a first departing member has left the second multicast group; 

3 selecting a pri\ate multicast group non-zero random integer; 

4 generating a second multicast group exchange key based on the private multicast 

5 group non-z^ro random integer, the public non-zero integer "g" and the public 

6 prime integer ^n"; 

7 broadcasting the second niulticast group exchange key to each remaining member of 

8 the second multicastsgroup; 

9 in response to receiving the second multicast group exchange key, each remaining 

1 0 member computing a third, secret key based on the second multicast group 

1 1 exchange key and the seconckshared secret key; and 

1 2 establishing a third multicast group wBose members include only remaining members 

1 3 of the second multicast group, wherein the third shared secret key provides a 

14 second secure channel for communicating between members of the third 

1 5 multicast group over the insecure network. 
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